Forgot to mention, you need to STOP/START the router after making in-place update of its sourceNAT IP for the changes to take effect.
Regards, Somesh -----Original Message----- From: Somesh Naidu [mailto:somesh.na...@citrix.com] Sent: Tuesday, July 08, 2014 6:27 PM To: users@cloudstack.apache.org Subject: RE: Splitting Public IP Range in Advanced Networking Model I am not sure if this is documented anywhere since it's is not a supported operation. If this is a production environment then I would recommend that you do it the clean way, that is, a. release all the IPs from this range b. delete this range c. add new range If you intend to do this via DB update then you need to ensure that the IP addresses that you wish to remove from the range are not being used and are contiguous. For ex. Say the IP address range is 10.10.1.100 - 10.10.1.199 and you wish to make it 10.10.1.100 - 10.10.1.149. You need to ensure that IP addresses between 10.10.1.150 and 10.10.1.199 are not being used. If this is the case then you could run the following SQL to update the IP range: a. Delete the IPs (should be contiguous) that you wish to remove - delete from user_ip_address where public_ip_address='<ip_addr>'; (do this for all IP addresses you wish to remove) b. Change the description column in the table "vlan" with the correct IP range - update vlan set description='<range>' where vlan_id=<vlan_id>; However, if there are IP addresses that are being used, specifically as a sourceNAT IP then it's going to be complicated. Note that IP addresses in a public range can be used in the following ways, 1. routers sourceNAT IP 2. systemVMs public IP 3. acquired IP For #1 we need to do in-place update for the routers sourceNAT IP. a. release the IP currently allocated to the router: update user_ip_address set allocated=NULL, network_id=NULL, source_nat=0, state='Free' where public_ip_address='<IP_address'; b. choose and allocate a new IP address for the router: update user_ip_address set allocate=now(), network_id=<network_id>, source_nat=1, state='Allocated' where public_ip_address='<IP_address'; c. associate IP address in step b to the router: update nics set ip4_address='<ip_address>', device_id=<device_id> where instance_id=<router_vm_id>; #2 and # above3 can be handled in the following way: a. Disable the Zone. (to stop CS creating System VMs) b. Destroy System VMs having IP from the range to be removed. c. Release all the acquired public IPs from the UI. I strongly recommend that you try these steps once in a test/staging environment before implementing in production. Hope this helps. Regards, Somesh -----Original Message----- From: Timothy Lothering [mailto:tlother...@datacentrix.co.za] Sent: Tuesday, July 08, 2014 3:42 PM To: users@cloudstack.apache.org Subject: RE: Splitting Public IP Range in Advanced Networking Model Thanks Somesh, This is for a production environment. Where can I find details on how to accomplish this task? Kind Regards, Timothy -----Original Message----- From: Somesh Naidu [mailto:somesh.na...@citrix.com] Sent: 08 July 2014 11:30 AM To: users@cloudstack.apache.org Subject: RE: Splitting Public IP Range in Advanced Networking Model Comments in-line. Regards, Somesh From: Timothy Lothering [mailto:tlother...@datacentrix.co.za] Sent: Tuesday, July 08, 2014 2:38 PM To: users@cloudstack.apache.org Subject: Splitting Public IP Range in Advanced Networking Model Hi All, Does anyone know a safe way to split the Public IP Range allocated to a Zone? The Zone already contains live Instances/Networks, I am unable to delete the Public range and re-create it. [somesh] this is expected behavior. Is it safe to change the range in the SQL DB and restart the Management Servers? Or is there a better way of doing this? [somesh] it is possible to do and safe as long as the right DB updates are made. Are you looking to do this on a production environment? Lastly – If we could possibly add an option to shrink/grow the existing range from the UI, that would be great! [somesh] I agree. The existing procedure is to remove the IP range completely and add a new one but of course for that IP range shouldn’t be in use. Kind Regards, Timothy [www.datacentrix.co.za]<http://www.datacentrix.co.za> Timothy Lothering Solutions Architect Managed Services T: +27877415535 F: +27877415100 C: +27824904099 E: tlother...@datacentrix.co.za<mailto:tlother...@datacentrix.co.za> www.datacentrix.co.za<http://www.datacentrix.co.za/> Serious about performance, passionate about value [cid:114070811083002068@za-mta-8.za.mimecast.lan] ________________________________ Disclaimer Everything in this e-mail and any attachments relating to the official business of Datacentrix Holdings Ltd. and its subsidiaries ('Datacentrix') is proprietary to Datacentrix. It is confidential, legally privileged and protected by law. Datacentrix does not own and endorse any other content. Views and opinions are those of the sender unless clearly stated as being that of Datacentrix. The person addressed in the e-mail is the sole authorised recipient. Please notify the sender immediately if it has unintentionally reached you and do not read, disclose or use the content in any way. Datacentrix cannot assure that the integrity of this communication has been maintained nor that it is free of errors, virus, interception or interference. ________________________________ [cid:114070811083001968@za-mta-8.za.mimecast.lan]
